From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1IitdC-0000wf-OK
	for qemu-devel@nongnu.org; Fri, 19 Oct 2007 11:19:22 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1IitdB-0000vo-JI
	for qemu-devel@nongnu.org; Fri, 19 Oct 2007 11:19:21 -0400
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1IitdB-0000vj-Bz
	for qemu-devel@nongnu.org; Fri, 19 Oct 2007 11:19:21 -0400
Received: from hall.aurel32.net ([88.191.38.19])
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <aurel32@hall.aurel32.net>)
	id 1IitdA-0000ON-Oq
	for qemu-devel@nongnu.org; Fri, 19 Oct 2007 11:19:21 -0400
Date: Fri, 19 Oct 2007 17:19:16 +0200
From: Aurelien Jarno <aurelien@aurel32.net>
Subject: Re: [Qemu-devel] I got a kernel booted under qemu-system-ppc !
Message-ID: <20071019151916.GA17481@hall.aurel32.net>
References: <200710181912.57825.rob@landley.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
In-Reply-To: <200710181912.57825.rob@landley.net>
Sender: "aurel32,,," <aurel32@hall.aurel32.net>
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: Milton Miller <miltonm@bga.com>

On Thu, Oct 18, 2007 at 07:12:57PM -0500, Rob Landley wrote:
> The easy way to reproduce this is go to "http://landley.net/hg/firmware", 
> download tip, and "./build.sh powerpc".  When it finishes building 
> everything, cd build and "./run-powerpc.sh".
> 
> What I did is build a new ppc_rom.bin (attached, source code is at 
> http://landley.net/hg/firmware/raw-diff/92f89c9c9495/sources/toys/make-ppc_rom.tar.bz2 ) 
> which was written by Milton Miller.  I use that firmware as the boot rom 
> (point -L at the directory it's in) instead of Open Hackware, which still 
> doesn't work for me.
> 
> Then I build a 2.6.23 kernel with this patch: 
> http://landley.net/hg/firmware/raw-diff/fdb6ddd4c3b7/sources/patches/linux-ppcqemu.patch
> which adds a "qemu" target.
> 
> I then boot with the following command line (modulo wordwrap damage):
> 
> qemu-system-ppc -M prep -nographic -hda image-powerpc.ext2 -kernel
>   zImage-powerpc -append 'rw init=/tools/bin/sh panic=1 PATH=/tools/bin
>   root=/dev/hda console=ttyS0' -L ../sources/toys
> 
> And I get a shell prompt inside qemu!  (After almost _two_years_ of trying, 
> I'm kind of happy about this.)
> 
> The downside is that the result boots fine under qemu-0.9.0, but is broken 
> with current cvs.  I tracked it down to the specific patch with "git bisect", 
> and it's this one:
> 
> http://git.kernel.dk/?p=qemu.git;a=commit;h=36f447f730f61ac413c5b1c4a512781f5dea0c94
> 
> author  j_mayer <j_mayer>
> 	Mon, 9 Apr 2007 22:45:36 +0000 (22:45 +0000)
> committer  j_mayer <j_mayer>
> 	Mon, 9 Apr 2007 22:45:36 +0000 (22:45 +0000)
> 
>  Implement embedded IRQ controller for PowerPC 6xx/740 & 750.
>  Fix PowerPC external interrupt input handling and lowering.
>  Fix OpenPIC output pins management.
>  Fix multiples bugs in OpenPIC IRQ management.
>  Fix OpenPIC CPU(s) reset function.
>  Fix Mac99 machine to properly route OpenPIC outputs to the PowerPC input 
> pins.
>  Fix PREP machine to properly route i8259 output to the PowerPC external
>    interrupt pin.
> 
> Versions before that patch went in work fine.  Versions since then hang 
> halfway through IDE controller initialization:
> 
>   Uniform Multi-Platform E-IDE driver Revision: 7.00alpha2
>   ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx
>   hda: QEMU HARDDISK, ATA DISK drive
>   hda: IRQ probe failed (0x0)
>   hdb: IRQ probe failed (0x0)
>   hdb: IRQ probe failed (0x0)
>   hdb: QEMU CD-ROM, ATAPI CD/DVD-ROM drive
>   hdb: IRQ probe failed (0x0)
>   <-- hangs here with the patch
>   ide0 at 0x1f0-0x1f7,0x3f6 on irq 13
>   hda: max request size: 512KiB
>   hda: 4194304 sectors (2147 MB) w/256KiB Cache, CHS=4161/255/63
>   hda: set_multmode: status=0x41 { DriveReady Error }
>   hda: set_multmode: error=0x04 { DriveStatusError }
>   ide: failed opcode was: 0xef
>   hda: cache flushes supported
>   hda: unknown partition table
>   mice: PS/2 mouse device common for all mice
> 

The small patch below fixes the IDE problem, but not the NE2000 ISA one.
Please apply.

Index: hw/i8259.c
===================================================================
RCS file: /sources/qemu/qemu/hw/i8259.c,v
retrieving revision 1.25
diff -u -d -p -r1.25 i8259.c
--- hw/i8259.c	17 Sep 2007 08:09:46 -0000	1.25
+++ hw/i8259.c	19 Oct 2007 15:17:22 -0000
@@ -164,7 +164,7 @@ void pic_update_irq(PicState2 *s)
     }
 
 /* all targets should do this rather than acking the IRQ in the cpu */
-#if defined(TARGET_MIPS)
+#if defined(TARGET_MIPS) || defined(TARGET_PPC)
     else {
         qemu_irq_lower(s->parent_irq);
     }

-- 
  .''`.  Aurelien Jarno	            | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   aurel32@debian.org         | aurelien@aurel32.net
   `-    people.debian.org/~aurel32 | www.aurel32.net